ISR-evilgrade v1.0.0 : The Fake update manipulator
Evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates. It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victim dns traffic.
Attack vectors:
Internal scenary:
- Internal DNS access
- ARP spoofing
- DNS Cache Poisoning
- DHCP spoofing
External scenary:
- Internal DNS access
- DNS Cache Poisoning
What are the supported OS?
The framework is multiplaform, it only depends of having the right
payload for the target platform to be exploited.
Implemented modules:
- Java plugin
- Winzip
- Winamp
- MacOS
- OpenOffices
- iTunes
- Linkedin Toolbar
- DAP [Download Accelerator]
- notepad++
- speedbit
Thanks for our friend Maximiliano Soler from Argentina who provides us with such good tools.
Interesting video:
Demo feature - (Java plugin + Dan Kaminsky Dns vulnerability) = remote pwned.
Post scriptum
Compliance Mandates
|
Related Articles
Evilgrade |
|
Framework |
|
Penetration testing & Ethical Hacking |
|